<?php
namespace Components\Account\Backstage;

class Acl {
	public function check($controller, $dispatcher, $roles_id) {
		$controllerName = $dispatcher -> getNamespaceName() . '\\' . $dispatcher -> getControllerName();
		$controllerName = str_replace('\\','::',$controllerName);
		$resourcesModel = (__NAMESPACE__ . '\\Acl\\ResourcesModel')::findFirst('name = "'.$controllerName.'"');
		if(!$resourcesModel) {
			$res = $this -> addResources(['name'=>$controllerName,'description'=>'控制器']);
			if($res['code'] != 0) {
				$controller -> response -> setJsonContent(['code'=>-1,'msg'=>$controllerName.'添加失败']) -> send();
				exit;
			}
			$resourcesModel = $res['model'];
			unset($res);
		}

		$actionName = $dispatcher -> getActionName();
		$resourcesAccessesModel = (__NAMESPACE__ . '\\Acl\\ResourcesAccessesModel')::findFirst('resources_id = ' . $resourcesModel -> id . ' AND name = "' . $actionName . '"');
		if(!$resourcesAccessesModel) {
			$res = $this -> addResourcesAccesses(['resources_id'=>$resourcesModel -> id,'name'=>$actionName,'description'=>'操作']);
			if($res['code'] != 0) {
				$controller -> response -> setJsonContent(['code'=>-1,'msg'=>$controllerName.'::'.$actionName.'添加失败']) -> send();
				exit;
			}
			$resourcesAccessesModel = $res['model'];
			unset($res);
		}

		$accessListModel = (__NAMESPACE__ . '\\Acl\\AccessListModel')::findFirst('roles_id = ' . $roles_id . ' AND resources_id = ' . $resourcesModel -> id . ' AND access_id = ' . $resourcesAccessesModel -> id . ' AND allowed = ' . \Phalcon\Acl::ALLOW);
		if(!$accessListModel) {
			$controller -> response -> setJsonContent(['code'=>-1,'msg'=>'无操作权限']) -> send();
			exit;
		}
	}

	public function addAccessLists($parameter) {
		$resourcesAccessesModels = (__NAMESPACE__ . '\\Acl\\ResourcesAccessesModel')::find('resources_id = ' . $parameter['resources_id']);
		foreach($resourcesAccessesModels as $resourcesAccessesModel) {
			$this -> addAccessList([
				'roles_id' => $parameter['roles_id'],
				'resources_id' => $resourcesAccessesModel -> resources_id,
				'access_id' => $resourcesAccessesModel -> id,
				'allowed' => $parameter['allowed']
			]);
		}

		return ['code'=>0,'message'=>'允许成功'];
	}

	public function addAccessList($parameter) {
		$modelClass = __NAMESPACE__ . '\\Acl\\AccessListModel';
		$model = $modelClass::findFirst('roles_id = ' . $parameter['roles_id'] . ' AND resources_id = ' . $parameter['resources_id'] . ' AND access_id = ' . $parameter['access_id']);
		if(!$model) {
			unset($model);
			$model = new $modelClass($parameter);
			if(!$model -> create()) {
				return ['code'=>-1,'message'=>'允许失败'];
			}

		} else {
			$model -> allowed = $parameter['allowed'];
			if(!$model -> update()) {
				return ['code'=>-1,'message'=>'允许失败'];
			}
		}

		return ['code'=>0,'message'=>'允许成功','model'=>$model];
	}

	public function getRoles() {
		$models = (__NAMESPACE__ . '\\Acl\\RolesModel')::find();
		if(!$models -> valid()) {
			return ['code'=>-1,'message'=>'数据不存在或已删除'];
		}

		return ['code'=>0,'models'=>$models];
	}

	public function addRole($data) {
		$modelClass = __NAMESPACE__ . '\\Acl\\RolesModel';
		$model = new $modelClass($data);
		if(!$model -> create()) {
			return ['code'=>-1,'message'=>'创建失败'];
		}

		return ['code'=>0,'model'=>$model];
	}

	public function deleteRole($id) {
		$model = (__NAMESPACE__ . '\\Acl\\RolesModel')::findFirst('id = ' . $id);
		if(!$model) {
			return ['code'=>-1,'message'=>'数据不存在或已删除'];
		}

		if(!$model -> delete()) {
			return ['code'=>-1,'message'=>'删除失败'];
		}

		return ['code'=>0];
	}

	public function addResources($data) {
		$modelClass = __NAMESPACE__ . '\\Acl\\ResourcesModel';
		$model = new $modelClass($data);
		if(!$model -> create()) {
			return ['code'=>-1,'message'=>'创建失败'];
		}

		return ['code'=>0,'model'=>$model];
	}

	public function addResourcesAccesses($data) {
		$modelClass = __NAMESPACE__ . '\\Acl\\ResourcesAccessesModel';
		$model = new $modelClass($data);
		if(!$model -> create()) {
			return ['code'=>-1,'message'=>'创建失败'];
		}

		return ['code'=>0,'model'=>$model];
	}

	public function getResources() {
		$resourcesModels = (__NAMESPACE__ . '\\Acl\\ResourcesModel')::find();
		$resources = [];
		foreach($resourcesModels as $resourcesModel) {
			$resources[$resourcesModel -> id] = $resourcesModel -> toArray();
		}
		unset($resourcesModels);

		$resourcesAccessesModels = (__NAMESPACE__ . '\\Acl\\ResourcesAccessesModel')::find();
		foreach($resourcesAccessesModels as $resourcesAccessesModel) {
			if(!isset($resources[$resourcesAccessesModel -> resources_id]['accesses'])) {
				$resources[$resourcesAccessesModel -> resources_id]['accesses'] = [];
			}
			$resources[$resourcesAccessesModel -> resources_id]['accesses'][$resourcesAccessesModel -> id] = $resourcesAccessesModel -> toArray();
		}
		unset($resourcesAccessesModels);

		return ['code'=>0,'models'=>$resources];
	}

	public function getAccessList($id) {
		$resResources = $this -> getResources();
		if($resResources['code'] != 0) {
			return $resResources;
		}

		$accessListModels = (__NAMESPACE__ . '\\Acl\\AccessListModel')::find('roles_id = ' . $id);
		foreach($accessListModels as $accessListModel) {
			if(!isset($resResources['models'][$accessListModel -> resources_id]['access_list'])) {
				$resResources['models'][$accessListModel -> resources_id]['access_list'] = [];
			}

			$resResources['models'][$accessListModel -> resources_id]['access_list'][$accessListModel -> access_id] = $accessListModel -> toArray();
		}

		$models = [];
		foreach($resResources['models'] as $v) {
			$models[] = $v;
		}
		unset($resResources);

		return ['code'=>0,'models'=>$models];
	}
}
